[Remote] Principal Cyber Security Platform Engineer
Note: The job is a remote job and is open to candidates in USA. Jack Henry is a technology company focused on redefining financial services for community banks and credit unions. They are seeking a Principal Cyber Security Platform Engineer to enhance their security posture across cloud and on-prem environments, leveraging deep cybersecurity expertise to safeguard infrastructure and customer data.ResponsibilitiesBuild and operate security observability and monitoring capabilities, including SIEM, SOAR, and log aggregation, to enable real-time threat detection and responseDevelop and tune detection rules, alerting, and dashboards to improve visibility, response times, and security KPIsImplement and enforce security controls across multi-cloud environments (AWS, Azure, GCP), leveraging CSPM, CWPP, and CNAPP solutions to protect cloud infrastructure and workloadsDevelop infrastructure-as-code and policy-as-code guardrails to ensure secure, consistent cloud deploymentsEmbed security into CI/CD pipelines, integrating tools such as SAST, DAST, SCA, and container scanning to advance DevSecOps practices and reduce vulnerabilities earlyPartner with engineering teams on secure coding, threat modeling, and vulnerability remediation effortsSupport incident response and threat management, including escalation, investigation, and continuous improvement of playbooks and response processesImplement and enhance identity and access management (IAM), including zero-trust principles, least-privilege access, MFA, and privileged access controlsIdentify and mitigate security risks, ensuring alignment with regulatory and compliance requirements (SOC 2, PCI-DSS, FFIEC, NIST), while mentoring engineers and driving adoption of scalable security practicesMay perform other job duties as assignedSkillsMinimum of 15 years of progressive experience in cyber security or site reliability engineeringMinimum of 5 years of hands-on experience with cloud platforms (AWS, Azure, or GCP) in a security-focused capacityMinimum of 5 years of experience in cyber detection and incident responseMinimum of 3 years of experience with security observability and monitoring tools (SIEM, log management, APM)Demonstrated experience in DevSecOps practicesBachelor's degree in Computer Science, Cyber Security, Information Technology, Computer Engineering, or a closely related technical fieldStrong knowledge of networking fundamentals (TCP/IP, DNS, TLS/SSL, VPN, firewalls, load balancers)Experience with container technologies (Docker, Kubernetes) and their associated security challengesWorking knowledge of regulatory frameworks relevant to financial services (PCI-DSS, SOC 2, FFIEC, NIST 800-53)Familiarity with offensive security concepts, penetration testing methodologies, and red/blue/purple team exercisesExperience in the financial services or fintech industry with knowledge of banking regulations and compliance requirementsExperience with security automation and orchestration (SOAR) platformsHands-on experience with zero-trust network architectures and micro-segmentation technologiesBackground in threat hunting, digital forensics, or malware analysisExperience leading or mentoring security engineering teamsContributions to open-source security tools or active participation in industry security communities (DEF CON, BSides, OWASP chapters)BenefitsComprehensive benefits designed to support your physical, mental, and financial health so you can thrive both personally and professionallyCompany OverviewJack Henry (Nasdaq: JKHY) is a well-rounded financial technology company that strengthens the connections between people and their financial institutions through technology and services that reduce the barriers to financial health. It was founded in 1976, and is headquartered in Monett, Missouri, USA, with a workforce of 5001-10000 employees. Its website is http://www.jackhenry.com.